| Message ID | defd34e2a8744fc93404abdaad2d429fa3f69850.1614624041.git.saiprakash.ranjan@codeaurora.org |
|---|---|
| State | New |
| Headers | show |
| Series | None | expand |
Hi, On Mon, Mar 1, 2021 at 11:05 AM Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org> wrote: > > On production systems with ETMs enabled, it is preferred to exclude > kernel mode(NS EL1) tracing for security concerns and support only > userspace(NS EL0) tracing. Perf subsystem interface uses the newly > introduced kernel config CONFIG_EXCLUDE_KERNEL_PMU_TRACE to exclude > kernel mode tracing, but there is an additional interface via sysfs > for ETMs which also needs to be handled to exclude kernel > mode tracing. So we use this same generic kernel config to handle > the sysfs mode of tracing. This config is disabled by default and > would not affect the current configuration which has both kernel and > userspace tracing enabled by default. > > Tested-by: Denis Nikitin <denik@chromium.org> > Signed-off-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org> > --- > drivers/hwtracing/coresight/coresight-etm4x-core.c | 6 +++++- > drivers/hwtracing/coresight/coresight-etm4x-sysfs.c | 6 ++++++ > 2 files changed, 11 insertions(+), 1 deletion(-) Not that I'm an expert in the perf subsystem, but the concern I had with v1 is now addressed. FWIW this seems fine to me now. Reviewed-by: Douglas Anderson <dianders@chromium.org> > --- a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c > +++ b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c > @@ -296,6 +296,12 @@ static ssize_t mode_store(struct device *dev, > if (kstrtoul(buf, 16, &val)) > return -EINVAL; > > + if (IS_ENABLED(CONFIG_EXCLUDE_KERNEL_PMU_TRACE) && (!(val & ETM_MODE_EXCL_KERN))) { > + dev_warn(dev, > + "Kernel mode tracing is not allowed, check your kernel config\n"); slight nit that I think your string needs to be indented by 1 space. ;-)
On 2021-03-02 04:13, Doug Anderson wrote: > Hi, > > On Mon, Mar 1, 2021 at 11:05 AM Sai Prakash Ranjan > <saiprakash.ranjan@codeaurora.org> wrote: >> >> On production systems with ETMs enabled, it is preferred to exclude >> kernel mode(NS EL1) tracing for security concerns and support only >> userspace(NS EL0) tracing. Perf subsystem interface uses the newly >> introduced kernel config CONFIG_EXCLUDE_KERNEL_PMU_TRACE to exclude >> kernel mode tracing, but there is an additional interface via sysfs >> for ETMs which also needs to be handled to exclude kernel >> mode tracing. So we use this same generic kernel config to handle >> the sysfs mode of tracing. This config is disabled by default and >> would not affect the current configuration which has both kernel and >> userspace tracing enabled by default. >> >> Tested-by: Denis Nikitin <denik@chromium.org> >> Signed-off-by: Sai Prakash Ranjan <saiprakash.ranjan@codeaurora.org> >> --- >> drivers/hwtracing/coresight/coresight-etm4x-core.c | 6 +++++- >> drivers/hwtracing/coresight/coresight-etm4x-sysfs.c | 6 ++++++ >> 2 files changed, 11 insertions(+), 1 deletion(-) > > Not that I'm an expert in the perf subsystem, but the concern I had > with v1 is now addressed. FWIW this seems fine to me now. > > Reviewed-by: Douglas Anderson <dianders@chromium.org> > Thanks Doug. > >> --- a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c >> +++ b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c >> @@ -296,6 +296,12 @@ static ssize_t mode_store(struct device *dev, >> if (kstrtoul(buf, 16, &val)) >> return -EINVAL; >> >> + if (IS_ENABLED(CONFIG_EXCLUDE_KERNEL_PMU_TRACE) && (!(val & >> ETM_MODE_EXCL_KERN))) { >> + dev_warn(dev, >> + "Kernel mode tracing is not allowed, check >> your kernel config\n"); > > slight nit that I think your string needs to be indented by 1 space. > ;-) > Ah yes, I will have to post v3 anyways to fix commit message in Patch 2 after I get few more feedback for other patches, I will fix this up as well. Thanks, Sai
diff --git a/drivers/hwtracing/coresight/coresight-etm4x-core.c b/drivers/hwtracing/coresight/coresight-etm4x-core.c index 15016f757828..dbd6b96f3a78 100644 --- a/drivers/hwtracing/coresight/coresight-etm4x-core.c +++ b/drivers/hwtracing/coresight/coresight-etm4x-core.c @@ -1235,12 +1235,16 @@ static void etm4_set_default(struct etmv4_config *config) return; /* - * Make default initialisation trace everything + * Make default initialisation trace everything when + * CONFIG_EXCLUDE_KERNEL_PMU_TRACE is disabled. * * This is done by a minimum default config sufficient to enable * full instruction trace - with a default filter for trace all * achieved by having no filtering. */ + if (IS_ENABLED(CONFIG_EXCLUDE_KERNEL_PMU_TRACE)) + config->mode |= ETM_MODE_EXCL_KERN; + etm4_set_default_config(config); etm4_set_default_filter(config); } diff --git a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c index 0995a10790f4..78ba2a0888fc 100644 --- a/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c +++ b/drivers/hwtracing/coresight/coresight-etm4x-sysfs.c @@ -296,6 +296,12 @@ static ssize_t mode_store(struct device *dev, if (kstrtoul(buf, 16, &val)) return -EINVAL; + if (IS_ENABLED(CONFIG_EXCLUDE_KERNEL_PMU_TRACE) && (!(val & ETM_MODE_EXCL_KERN))) { + dev_warn(dev, + "Kernel mode tracing is not allowed, check your kernel config\n"); + return -EACCES; + } + spin_lock(&drvdata->spinlock); config->mode = val & ETMv4_MODE_ALL;